Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
4171	2021-01-04 21:52	x.exe e17657980519481a0b685f36568e4c99 MachineGuid unpack itself Checks Bios malicious URLs AntiVM_Disk anti-virtualization VM Disk Size Check DNS					4.2	M		ZeroCERT

4172	2021-01-04 21:59	z.exe 49f6bc2ae9588495c19b4fc1d2c25189 MachineGuid Check memory WMI malicious URLs AntiVM_Disk VM Disk Size Check ComputerName Remote Code Execution DNS DDNS crashed		2	1		4.4	M		ZeroCERT

4173	2021-01-04 22:00	xx.exe 3c778cd34e3c5c09448411b0c545b2e3 malicious URLs IP Check DNS	1 Keyword trend analysis	2	1		2.2	M		ZeroCERT

4174	2021-01-04 22:02	dctk.exe 683b2ef50e7525231d74f101bae391de suspicious privilege Check memory Checks debugger unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows					4.4	M		ZeroCERT

4175	2021-01-04 22:03	11.exe 3a2c81004ec09fd05097000f3a1f776f Dridex Malware unpack itself Tofsee Interception DNS crashed		4	3		2.8	M		ZeroCERT

4176	2021-01-04 22:06	GWqhcX68z24xeAO.exe 88d3d51b7b9153aa613d4ce1253ba022 suspicious privilege Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS					9.0	M		ZeroCERT

4177	2021-01-04 22:07	me.exe 421de22e246d416e7309e54268052ada suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName					10.4	M		ZeroCERT

4178	2021-01-04 22:14	me.exe 421de22e246d416e7309e54268052ada suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName					10.4	M		ZeroCERT

4179	2021-01-04 22:15	GWqhcX68z24xeAO.exe 88d3d51b7b9153aa613d4ce1253ba022 suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows ComputerName DNS keylogger	1 Keyword trend analysis	3	1		14.2	M		ZeroCERT

4180	2021-01-04 22:18	me.exe 421de22e246d416e7309e54268052ada suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName					10.4	M		ZeroCERT

4181	2021-01-04 22:18	Order.exe ff54a5c5816d0bbb3722a504f9979fdd Buffer PE AutoRuns suspicious privilege MachineGuid Check memory Checks debugger buffers extracted unpack itself human activity check Windows ComputerName DNS DDNS		2	1		8.4	M		ZeroCERT

4182	2021-01-04 22:23	PROYECTO_FINAL_WF_1.exe 8b3404eba184e959ce1975a34dc5399a Malware PDB suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself malicious URLs human activity check Tofsee ComputerName	2 Keyword trend analysis	6	1		3.6	M		ZeroCERT

4183	2021-01-04 22:23	po.exe 145d08f897eb350ba87e8003ff45723e Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Checks debugger unpack itself malicious URLs Tofsee Windows Browser Email ComputerName DNS Software crashed	4 Keyword trend analysis Info http://redirector.gvt1.com/edgedl/release2/update2/cvA_S5Xpe1gieHmJ_saL_Q_1.3.36.52/GoogleUpdateSetup.exe http://r7---sn-3u-bh2lz.gvt1.com/edgedl/release2/update2/cvA_S5Xpe1gieHmJ_saL_Q_1.3.36.52/GoogleUpdateSetup.exe?cms_redirect=yes&mh=Sd&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lz&ms=nvh&mt=1609766446&mv=u&mvi=7&pl=18&shardbypass=yes https://update.googleapis.com/service/update2?cup2key=10:4182187193&cup2hreq=4e6330dc4c89151dac6b8c520543e5360e820e4b0983d243951256595ea13d6e https://update.googleapis.com/service/update2	2	4		9.6	M	53	ZeroCERT

4184	2021-01-04 22:31	scriptxls_4e270c39-ab5b-40af-9... 5ac28f78814ba152cbeb7ca435cc32fe VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName Cryptographic key		4	2		8.2	M	1	ZeroCERT

4185	2021-01-04 22:31	qf2rlXEs14oPFz6.exe f697a082ed2e8ce81ee8bb46fe8b6896 suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Checks Bios Detects VirtualBox suspicious process AppData folder malicious URLs WriteConsoleW VMware anti-virtualization Windows ComputerName DNS Software					14.4	M		ZeroCERT

First
Previous
271
272
273
274
275
276
277
278
279
280
Next
Last
Total : 48,355cnts